On May 7, Canonical published details about OpenJDK 6 vulnerabilities, in a security notice, for its Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 10.04 LTS operating systems.
According to Canonical, several security issues have been fixed in OpenJDK 6.
For example, a vulnerability in the OpenJDK JRE related to information disclosure and data integrity has been discovered. An attacker could exploit this to execute arbitrary code.
Also, two vulnerabilities have been found in the OpenJDK JRE, and they are related to confidentiality issues. An attacker could exploit these problems to expose sensitive data over the network.
Users can simply fix the security flaws by upgrading the operating systems to the icedtea-6-jre-cacao, icedtea-6-jre-jamvm, openjdk-6-jre, openjdk-6-jre-headless, openjdk-6-jre-zero, and openjdk-6-jre-lib specific to each distribution.
A normal system update, executed with the Update Manager, will implement all the necessary changes. After a standard system update, you need to restart any applications using OpenJDK, such as your browser.